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DETAILED ACTION 



1. This action is in response to the communication filed on 06/14/2001 . Claims 1 - 
21 were received for consideration. No preliminary amendments to the specification 
were filed. Claims 1 - 21 are currently being considered. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1 -4, 6, 10 - 13 and 15 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Ramasubramani et al. (U.S. Patent Number 6,233,577). 

Regarding Claim 1 , Ramasubramani teaches and describes a method for 
managing a digital certificate within a data processing system (Fig. 2 and 3), the method 
comprising: 

receiving a certificate revocation list (Column 1 1 line 53 - Column 12 line 12); 

and 



Application/Control Number: 09/881 ,91 6 Page 3 

Art Unit: 2136 

in response to receiving the certificate revocation list, automatically requesting 
removal of the digital certificate from a certificate repository (Column 12 lines 13-28 
and Column 13 lines 12 - 32). 

Regarding Claim 10, Ramasubramani teaches and describes an apparatus for 
managing digital certificate (Fig. 2 and 3), the apparatus comprising: 

means for receiving a certificate revocation list (Column 1 1 line 53 - Column 12 
line 12); and 

means for automatically requesting removal of the digital certificate from a 
certificate repository in response receiving the certificate revocation list (Column 12 
lines 13-28 and Column 13 lines 12-32). 

Claims 2 and 1 1 are rejected as applied above in rejecting Claims 1 and 10. 
Furthermore, Ramasubramani teaches and describes a method for managing a digital 
certificate within a data processing system (Fig. 2 and 3), further comprising: 

extracting a certificate serial number from the certificate revocation list, wherein 
the certificate serial number has been associated with the digital certificate by the 
certifying authority (Column 3 lines 48 - 59 and Column 12 lines 13 - 28); and 

requesting removal of the digital certificate from the certificate repository using 
the certificate serial number of the digital certificate (Column 12 lines 13 - 28). 
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Claims 3 and 12 are rejected as applied above in rejecting Claims 1 and 10. 
Furthermore, Ramasubramani teaches and describes a method for managing a digital 
certificate within a data processing system (Fig. 2 and 3), further comprising: 

receiving a certificate revocation announcement message (Column 1 1 line 53 - 
Column 12 line 12); and 

extracting the certificate revocation list from the certificate revocation list 
announcement message (Column 12 lines 13-28). 

Claims 4 and 13 are rejected as applied above in rejecting Claims 1 and 10. 
Furthermore, Ramasubramani teaches and describes a method for managing a digital 
certificate within a data processing system (Fig. 2 and 3), wherein the digital certificate 
and the certificate revocation list are formatted according to X.509 standards (Column 
10 lines 9 -46). 

Claims 6 and 15 are rejected as applied above in rejecting Claims 1 and 10. 
Furthermore, Ramasubramani teaches and describes a method for managing a digital 
certificate within a data processing system (Fig. 2 and 3), wherein a registration 
authority receives the certificate revocation list and generates certificate removal 
request (Column 1 2 lines 1 3 - 28 and Column 1 3 lines 1 2 - 32). 
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Claim Rejections ■ 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 5, 7 -9, 14 and 16 -21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Ramasubramani et al. (U.S. Patent Number 6,233,577, hereinafter 
"Ramasubramani") in view of Grimmer (U.S. Patent Number 5,774,552, hereinafter 
"Grimmer"). 

Regarding Claim 7, Ramasubramani teaches and describes a method for 
managing a digital certificate within a data processing system (Ramasubramani Fig. 2 
and 3), the method comprising: 

receiving certificate revocation list, wherein the certificate revocation list identifies 
at least one digital certificate that has been revoked by a certifying authority 
(Ramasubramani Column 1 1 line 53 - Column 12 line 12); 

extracting a certificate serial number from the certificate revocation list, wherein 
the certificate serial number uniquely corresponds to a digital certificate 
(Ramasubramani Column 3 lines 48 - 59 and Column 12 lines 1 3 - 28); and 

in response to receiving the certificate revocation list, automatically requesting 
removal of the digital certificate from an LDAP (Lightweight Directory Access Protocol) 
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directory using the extracted certificate serial number (Ramasubramani Column 10 line 
9 - 46; Column 1 2 lines 1 3 - 28 and Column 1 3 lines 1 2 - 32). Ramasubramani 
discloses using X.500 directory where the directory is organized hierarchically 
(Ramasubramani Column 10 line 25-46) and does not explicitly disclose LDAP 
directory. However, Grimmer discloses a method for retrieving, verifying, using 
(managing) and interfacing with an LDAP directory for authentication certificates 
responsive to a search criteria message (Grimmer Column 4 lines 19-31 and Column 
6 lines 36 - 57). Therefore it would have been obvious to one having ordinary skill in the 
art at the time the invention was made to modify Ramasubramani by Grimmer to arrive 
at the claimed invention by having received the certificate revocation list and 
automatically requesting removal of the digital certificate from a directory that has 
hierarchical information structure as taught by Ramasubramani and logically replacing 
with the LDAP directory as taught by Grimmer (see Grimmer Column 6 lines 36 - 57). 
One of ordinary skill in the art would have been motivated to modify Ramasubramani by 
Grimmer as discussed about because in a certificate management system LDAP (which 
is based on the standards contained within the X.500 standard) supports TCP/IP which 
is necessary for any type of Internet access, LDAP is an open protocol and also 
because it is a simpler version of X.500. 

Regarding Claim 16, Ramasubramani teaches and describes an apparatus for 
managing digital certificate (Ramasubramani Fig. 2 and 3), the apparatus comprising: 
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means for receiving a certificate revocation list, wherein the certificate revocation 
list identifies at least one digital certificate that has been revoked by a certifying 
authority (Ramasubramani Column 11 line 53 - Column 12 line 12); 

means for extracting a certificate serial number from the certificate revocation list, 
wherein the certificate serial number uniquely corresponds to digital certificate 
(Ramasubramani Column 3 lines 48 - 59 and Column 12 lines 13 - 28); and 

means for automatically requesting removal of the digital certificate from an 
LDAP (Lightweight Directory Access Protocol) directory using the extracted certificate 
serial number response to receiving the certificate revocation list (Ramasubramani 
Column 1 0 line 9 - 46; Column 1 2 lines 1 3 - 28 and Column 1 3 lines 1 2 - 32). 
Ramasubramani discloses using X.500 directory where the directory is organized 
hierarchically (Ramasubramani Column 10 line 25-46) and does not explicitly disclose 
LDAP directory. However, Grimmer discloses a method for retrieving, verifying, using 
(managing) and interfacing with an LDAP directory for authentication certificates 
responsive to a search criteria message (Grimmer Column 4 lines 19-31 and Column 
6 lines 36 - 57). Therefore it would have been obvious to one having ordinary skill in the 
art at the time the invention was made to modify Ramasubramani by Grimmer to arrive 
at the claimed invention by having received the certificate revocation list and 
automatically requesting removal of the digital certificate from a directory that has 
hierarchical information structure as taught by Ramasubramani and logically replacing 
with the LDAP directory as taught by Grimmer (see Grimmer Column 6 lines 36 - 57). 
One of ordinary skill in the art would have been motivated to modify Ramasubramani by 
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Grimmer as discussed about because in a certificate management system LDAP (which 
is based on the standards contained within the X.500 standard) supports TCP/IP which 
is necessary for any type of Internet access, LDAP is an open protocol and also 
because it is a simpler version of X.500. 

Regarding Claim 19, Ramasubramani teaches and describes a computer 
program product on a computer readable medium for use in a data processing system 
for managing a digital certificate, the computer program product comprising: 

instructions for receiving a certificate revocation list, wherein the certificate 
revocation list identifies at least one digital certificate that has been revoked by 
certifying authority (Ramasubramani Column 1 1 line 53 - Column 12 line 12); 

instructions for extracting certificate serial number from the certificate revocation 
list, wherein the certificate serial number uniquely corresponds to a digital certificate 
(Ramasubramani Column 3 lines 48 - 59 and Column 12 lines 13 - 28); and 

instructions for automatically requesting removal of the digital certificate from an 
LDAP (Lightweight Directory Access Protocol) directory using the extracted certificate 
serial number in response to receiving the certificate revocation list (Ramasubramani 
Column 1 0 line 9 - 46; Column 1 2 lines 1 3 - 28 and Column 1 3 lines 1 2 - 32). 
Ramasubramani discloses using X.500 directory where the directory is organized 
hierarchically (Ramasubramani Column 10 line 25-46) and does not explicitly disclose 
LDAP directory. However, Grimmer discloses a method for retrieving, verifying, using 
(managing) and interfacing with an LDAP directory for authentication certificates 
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responsive to a search criteria message (Grimmer Column 4 lines 19-31 and Column 
6 lines 36 - 57). Therefore it would have been obvious to one having ordinary skill in the 
art at the time the invention was made to modify Ramasubramani by Grimmer to arrive 
at the claimed invention by having received the certificate revocation list and 
automatically requesting removal of the digital certificate from a directory that has 
hierarchical information structure as taught by Ramasubramani and logically replacing 
with the LDAP directory as taught by Grimmer (see Grimmer Column 6 lines 36 - 57). 
One of ordinary skill in the art would have been motivated to modify Ramasubramani by 
Grimmer as discussed about because in a certificate management system LDAP (which 
is based on the standards contained within the X.500 standard) supports TCP/IP which 
is necessary for any type of Internet access, LDAP is an open protocol and also 
because it is a simpler version of X.500. 

Claims 5 and 14 are rejected as applied above in rejecting Claims 1 and 10. 
Furthermore, Ramasubramani teaches and describes a method for managing a digital 
certificate within a data processing system (Fig. 2 and 3), wherein the certificate 
repository is an LDAP (Lightweight Directory Access Protocol) directory 
(Ramasubramani Column 10 line 9 - 46). Ramasubramani discloses using X.500 
directory where the directory is organized hierarchically (Ramasubramani Column 10 
line 25 - 46) and does not explicitly disclose LDAP directory. However, Grimmer 
discloses a method for retrieving, verifying, using (managing) and interfacing with an 
LDAP directory for authentication certificates responsive to a search criteria message 
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(Grimmer Column 4 lines 19-31 and Column 6 lines 36 - 57). Therefore it would have 
been obvious to one having ordinary skill in the art at the time the invention was made 
to modify Ramasubramani by Grimmer to arrive at the claimed invention by having 
received the certificate revocation list and automatically requesting removal of the digital 
certificate from a directory that has hierarchical information structure as taught by 
Ramasubramani and logically replacing with the LDAP directory as taught by Grimmer 
(see Grimmer Column 6 lines 36 - 57). One of ordinary skill in the art would have been 
motivated to modify Ramasubramani by Grimmer as discussed about because in a 
certificate management system LDAP (which is based on the standards contained 
within the X.500 standard) supports TCP/IP which is necessary for any type of Internet 
access, LDAP is an open protocol and also because it is a simpler version of X.500. 

Claims 8, 17 and 20 are rejected as applied above in rejecting Claims 7, 16 and 
19. Furthermore, Ramasubramani teaches and describes a method for managing a 
digital certificate within a data processing system (Fig. 2 and 3), further comprising: 

receiving a certificate revocation announcement message (Column 1 1 line 53 - 
Column 12 line 12); and 

extracting the certificate revocation list from the certificate revocation list 
announcement message (Column 12 lines 13 - 28). 

Claims 9, 18 and 21 are rejected as applied above in rejecting Claims 7, 16 and 
19. Furthermore, Ramasubramani teaches and describes a method for managing a 



Application/Control Number: 09/881,916 Page 11 

Art Unit: 2136 

digital certificate within a data processing system (Fig. 2 and 3), wherein the digital 
certificate and the certificate revocation list are formatted according to X.509 standards 
(Column 10 lines 9-46). 



Conclusion 

4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Pramila Parthasarathy whose telephone number is 571- 
272-3866. The examiner can normally be reached on 8:00a.m. To 5:00p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-232-3795. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR only. For more 
information about the PAIR system, contact the Electronic Business Center (EBC) at 
866-217-9197 (toll-free). 

Pramila Parthasarathy 
November 18, 2004. 
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